CAS-005 CompTIA SecurityX Certification

Question 1

Which of the following are risks associated with vendor lock-in? (Choose two.)

  • The client can seamlessly move data.

  • The vendor can change product offerings.

  • The client receives a sufficient level of service.

  • The client experiences decreased quality of service.

  • The client can leverage a multicloud approach.

  • The client experiences increased interoperability.

Question 2

A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization.

Which of the following actions would BEST resolve the issue? (Choose two.)

  • Conduct input sanitization.

  • Deploy a SIEM.

  • Use containers.

  • Patch the OS.

  • Deploy a WAF.

  • Deploy a reverse proxy.

  • Deploy an IDS.

Question 3

A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Below is an excerpt of output from the troubleshooting session:

Which of the following BEST explains why secure LDAP is not working? (Select TWO.)

  • The clients may not trust idapt by default.

  • The secure LDAP service is not started, so no connections can be made.

  • Danvills.com is under a DDoS-inator attack and cannot respond to OCSP requests.

  • Secure LDAP should be running on UDP rather than TCP.

  • The company is using the wrong port. It should be using port 389 for secure LDAP.

  • Secure LDAP does not support wildcard certificates.

  • The clients may not trust Chicago by default.